xin/modules/ts-rev-prox.nix

{
  lib,
  config,
  pkgs,
  ...
}: let
  cfg = config.services.tsrevprox;
in {
  options = with lib; {
    services.tsrevprox = {
      enable = lib.mkEnableOption "Enable tsrevprox";

      reversePort = mkOption {
        type = types.int;
        default = 5000;
        description = ''
          Port to forward connections to.
        '';
      };

      reverseIP = mkOption {
        type = types.str;
        default = "127.0.0.1";
        description = ''
          IP to forward connections to.
        '';
      };

      reverseName = mkOption {
        type = types.str;
        default = "tsrevprox";
        description = ''
          Name used in for the front facing http server (will be a tailscale name).
        '';
      };

      user = mkOption {
        type = with types; oneOf [str int];
        default = "tsrevprox";
        description = ''
          The user the service will use.
        '';
      };

      group = mkOption {
        type = with types; oneOf [str int];
        default = "tsrevprox";
        description = ''
          The group the service will use.
        '';
      };

      dataDir = mkOption {
        type = types.path;
        default = "/var/lib/tsrevprox";
        description = "Path tsrevprox home directory";
      };

      package = mkOption {
        type = types.package;
        default = pkgs.ts-reverse-proxy;
        defaultText = literalExpression "pkgs.ts-reverse-proxy";
        description = "The package to use for ts-reverse-proxy";
      };

      envFile = mkOption {
        type = types.path;
        default = "/run/secrets/ts_proxy_env";
        description = ''
          Path to a file containing the ts-reverse-proxy token information
        '';
      };
    };
  };

  config = lib.mkIf cfg.enable {
    users.groups.${cfg.group} = {};
    users.users.${cfg.user} = {
      description = "tsrevprox service user";
      isSystemUser = true;
      home = "${cfg.dataDir}";
      createHome = true;
      group = "${cfg.group}";
    };

    systemd.services.tsrevprox = {
      enable = true;
      description = "tsrevprox server";
      wantedBy = ["network-online.target"];
      after = ["network-online.target"];

      environment = {HOME = "${cfg.dataDir}";};

      serviceConfig = {
        User = cfg.user;
        Group = cfg.group;

        ExecStart = "${cfg.package}/bin/ts-reverse-proxy -name ${cfg.reverseName} -port ${
          toString cfg.reversePort
        } -ip ${cfg.reverseIP}";
        EnvironmentFile = cfg.envFile;
      };
    };
  };
}
all: format with alejandra 2023-07-11 09:12:50 -06:00			`{`
			`lib,`
			`config,`
			`pkgs,`
			`...`
			`}: let`
			`cfg = config.services.tsrevprox;`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00			`in {`
			`options = with lib; {`
			`services.tsrevprox = {`
			`enable = lib.mkEnableOption "Enable tsrevprox";`

			`reversePort = mkOption {`
			`type = types.int;`
			`default = 5000;`
			`description = ''`
			`Port to forward connections to.`
			`'';`
			`};`

			`reverseIP = mkOption {`
			`type = types.str;`
			`default = "127.0.0.1";`
			`description = ''`
			`IP to forward connections to.`
			`'';`
			`};`

			`reverseName = mkOption {`
			`type = types.str;`
			`default = "tsrevprox";`
			`description = ''`
			`Name used in for the front facing http server (will be a tailscale name).`
all: add ci config / setup 2023-01-31 12:55:24 -07:00			`'';`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00			`};`

			`user = mkOption {`
all: format with alejandra 2023-07-11 09:12:50 -06:00			`type = with types; oneOf [str int];`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00			`default = "tsrevprox";`
			`description = ''`
			`The user the service will use.`
			`'';`
			`};`

			`group = mkOption {`
all: format with alejandra 2023-07-11 09:12:50 -06:00			`type = with types; oneOf [str int];`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00			`default = "tsrevprox";`
			`description = ''`
			`The group the service will use.`
			`'';`
			`};`

			`dataDir = mkOption {`
			`type = types.path;`
			`default = "/var/lib/tsrevprox";`
			`description = "Path tsrevprox home directory";`
			`};`

			`package = mkOption {`
			`type = types.package;`
			`default = pkgs.ts-reverse-proxy;`
			`defaultText = literalExpression "pkgs.ts-reverse-proxy";`
			`description = "The package to use for ts-reverse-proxy";`
			`};`

			`envFile = mkOption {`
			`type = types.path;`
			`default = "/run/secrets/ts_proxy_env";`
			`description = ''`
			`Path to a file containing the ts-reverse-proxy token information`
			`'';`
			`};`
			`};`
			`};`

all: add ci config / setup 2023-01-31 12:55:24 -07:00			`config = lib.mkIf cfg.enable {`
all: format with alejandra 2023-07-11 09:12:50 -06:00			`users.groups.${cfg.group} = {};`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00			`users.users.${cfg.user} = {`
			`description = "tsrevprox service user";`
			`isSystemUser = true;`
			`home = "${cfg.dataDir}";`
			`createHome = true;`
			`group = "${cfg.group}";`
			`};`

			`systemd.services.tsrevprox = {`
			`enable = true;`
			`description = "tsrevprox server";`
all: format with alejandra 2023-07-11 09:12:50 -06:00			`wantedBy = ["network-online.target"];`
			`after = ["network-online.target"];`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00
all: format with alejandra 2023-07-11 09:12:50 -06:00			`environment = {HOME = "${cfg.dataDir}";};`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00
			`serviceConfig = {`
			`User = cfg.user;`
			`Group = cfg.group;`

all: format with alejandra 2023-07-11 09:12:50 -06:00			`ExecStart = "${cfg.package}/bin/ts-reverse-proxy -name ${cfg.reverseName} -port ${`
			`toString cfg.reversePort`
			`} -ip ${cfg.reverseIP}";`
overlay: add matrix-synapse -> 1.76.0 2023-01-31 12:55:00 -07:00			`EnvironmentFile = cfg.envFile;`
			`};`
			`};`
			`};`
			`}`